An Interest In:
Web News this Week
- April 12, 2024
- April 11, 2024
- April 10, 2024
- April 9, 2024
- April 8, 2024
- April 7, 2024
- April 6, 2024
February 14, 2022 08:04 pm
Original Link: https://tech.slashdot.org/story/22/02/14/1914203/thousands-of-npm-accounts-use-email-addresses-with-expired-domains?utm_source=rss1.0mainlinkanon&utm_
Thousands of Npm Accounts Use Email Addresses With Expired Domains
An academic research project found that thousands of JavaScript developers are using an email address with an expired domain for their npm accounts, leaving their projects exposed to easy hijacks. From a report: The study, performed last year by researchers from Microsoft and North Caroline State University, analyzed the metadata of 1,630,101 libraries uploaded on Node Package Manager (npm), the de-facto repository for JavaScript libraries and the largest package repository on the internet. Researchers said they found that 2,818 project maintainers were still using an email address for their accounts that had an expired domain, some of which they found on sale on sites like GoDaddy. The team argued that attackers could buy these domains, re-register the maintainer's address on their own email servers, and then reset the maintainer's account password and take over his npm packages.Read more of this story at Slashdot.
Original Link: https://tech.slashdot.org/story/22/02/14/1914203/thousands-of-npm-accounts-use-email-addresses-with-expired-domains?utm_source=rss1.0mainlinkanon&utm_
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot